
Combatting Adversaries: Proactive Social Engineering & Network Testing

Explore how sophisticated social engineering techniques bypass traditional security controls, featuring insights from Bishop Fox security experts on realistic attack scenarios and practical defensive strategies.

This virtual session illuminates the importance of proactive social engineering defense and the key role of internal network testing in orchestrating a successful counteroffensive against cyberattacks. We've selected the best industry experts who will expose the harsh truth of cyber threats, particularly those sparked by the cunning craft of social engineering, that target all kinds of enterprises.

Session Summary

Bishop Fox's security experts—Alethe Denis, Ben Lincoln, Derek Rush, and Rob Ragan—provide a comprehensive examination of modern social engineering threats and effective defensive strategies. The discussion begins by establishing how social engineering has evolved from simple deception to sophisticated manipulation techniques that exploit fundamental human psychological triggers like authority, helpfulness, and reciprocity.

The panel highlights how traditional social engineering vectors have been supercharged by artificial intelligence, enabling attackers to create highly personalized, convincing content at scale. They share concerning examples including AI-generated voice cloning used in extortion schemes and the automated creation of targeted phishing content tailored to specific organizational contexts. These advancements are rendering traditional signature-based defenses increasingly ineffective, requiring organizations to develop new defensive approaches.

Through detailed attack scenarios, the experts demonstrate how seemingly minor social engineering successes can escalate into catastrophic incidents. In one scenario, they trace how a simple phishing email with a malicious macro can progress through privilege escalation and lateral movement to become a full-scale ransomware attack. The panel emphasizes that effective defense requires multiple layers—from preventing initial access through user training and technical controls to limiting damage through network segmentation and least privilege implementation.

The discussion also addresses the growing challenge of insider threats, which have increased 41% from 2021 to 2023. The experts explain that these threats come not just from malicious employees but also from unwitting insiders who have been manipulated through social engineering. They recommend robust data classification, strict access controls, separation of duties, and deception technologies like honey tokens to detect suspicious activities early.
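Honey tokens are the one detection control recommended above that is cheap to stand up, so the following is an added example (written for this page, not code from the webcast or from Bishop Fox) of both halves of the technique: minting a bait credential that has no legitimate use, and flagging any log line in which it later appears. The token formats, the "planted at" locations, and the sshd/nginx log lines are constructed for illustration and are not from the session.

```python
# Added example: planting honey tokens and detecting their use in logs.
# Not code from the webcast or from Bishop Fox; the token formats, file
# locations and log lines below are constructed for illustration.
import re
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class HoneyToken:
    kind: str      # "ssh-user" or "api-key" (hypothetical categories)
    value: str     # bait string that has no legitimate use anywhere
    location: str  # where it was planted, so an alert names the asset that was read


def mint_token(kind: str, location: str) -> HoneyToken:
    """Create a random bait value. Randomness keeps it from colliding with a real
    credential and makes it a precise string to search for in logs."""
    if kind == "api-key":
        value = "AKHT" + secrets.token_hex(8).upper()   # hypothetical key prefix
    elif kind == "ssh-user":
        value = "svc-backup-" + secrets.token_hex(3)    # looks like a service account
    else:
        raise ValueError(f"unknown token kind: {kind}")
    return HoneyToken(kind, value, location)


# Tokens "planted" for this demo (fixed values so the run is reproducible).
PLANTED = [
    HoneyToken("ssh-user", "svc-backup-7f3a1c", "/srv/it/runbook-backups.txt"),
    HoneyToken("api-key", "AKHT4F9E2B7C1D3A0E5F", "internal wiki: CI/CD setup page"),
]

# Constructed sample log lines: an sshd auth log and an API gateway access log.
SAMPLE_LOG = [
    "Mar 04 09:12:01 bastion sshd[2211]: Accepted publickey for alice from 10.20.1.15 port 51022 ssh2",
    "Mar 04 09:14:37 bastion sshd[2290]: Failed password for svc-backup-7f3a1c from 10.20.7.88 port 40312 ssh2",
    "Mar 04 09:14:39 bastion sshd[2290]: Failed password for svc-backup-7f3a1c from 10.20.7.88 port 40312 ssh2",
    'Mar 04 09:20:12 apigw nginx: 10.20.7.88 - - "GET /v1/customers HTTP/1.1" 401 key=AKHT4F9E2B7C1D3A0E5F',
    "Mar 04 09:21:00 bastion sshd[2301]: Accepted publickey for bob from 10.20.1.16 port 51030 ssh2",
]

_IPV4 = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")


def detect_token_use(tokens, log_lines):
    """Return one alert per log line that mentions a planted token.

    Any hit is actionable: nothing legitimate ever uses a honey token, so the
    substring match itself is the signal and no scoring or threshold is needed.
    """
    alerts = []
    for lineno, line in enumerate(log_lines, start=1):
        for token in tokens:
            if token.value in line:
                m = _IPV4.search(line)  # first IPv4 address in the line, if any
                alerts.append({
                    "line": lineno,
                    "kind": token.kind,
                    "token": token.value,
                    "planted_at": token.location,
                    "source_ip": m.group(1) if m else None,
                    "timestamp": line[:15],  # syslog-style "Mon DD HH:MM:SS"
                })
    return alerts


def hits_by_source(alerts):
    """Group alerts by source IP: the pivot an IR team uses to find the host
    that is reading planted files and trying the credentials it found."""
    counts = {}
    for a in alerts:
        counts[a["source_ip"]] = counts.get(a["source_ip"], 0) + 1
    return counts


if __name__ == "__main__":
    found = detect_token_use(PLANTED, SAMPLE_LOG)
    for a in found:
        print(f"[HONEYTOKEN] {a['timestamp']} {a['kind']} {a['token']} "
              f"from {a['source_ip']} (planted at {a['planted_at']})")
    print("hits by source:", hits_by_source(found))
```

Two design points matter in practice. First, the bait must be planted where the data classification says sensitive material lives (the runbook share, the wiki page a new hire would read), because the point is to learn which insider or compromised account is browsing beyond their role. Second, the detector belongs on the log pipeline or SIEM rather than a host, so an attacker who has already compromised the machine holding the token cannot also silence the alert.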

Throughout the webcast, the panel emphasizes the importance of proactive testing through tabletop exercises, network penetration testing, and red team engagements. These activities help organizations identify weaknesses in their defenses and practice incident response procedures before real attacks occur. The experts conclude by explaining how different types of security testing—vulnerability assessments, penetration tests, and red team exercises—serve different purposes based on an organization's security maturity and specific needs.

Key Takeaways

  1. Social engineering exploits fundamental human psychology - Attackers leverage psychological triggers like authority, helpfulness, and reciprocity to manipulate victims into taking actions against their organization's interests.
  2. AI dramatically enhances social engineering capabilities - Machine learning enables highly personalized, convincing deception at scale, including voice cloning and contextually relevant content generation that bypasses traditional defenses.
  3. Attack chains often begin with simple social engineering - Major incidents like ransomware attacks frequently start with basic social engineering tactics before progressing through privilege escalation and lateral movement phases.
  4. Network segmentation is crucial for damage limitation - Implementing least privilege at the network level (microsegmentation) significantly reduces an attacker's ability to move laterally after initial compromise.
  5. Insider threats require multi-layered detection - Organizations should implement data classification, access controls, and deception technologies (honey tokens) to identify potential insider threats before significant damage occurs.
  6. Disaster recovery planning is essential - Organizations should maintain tested, air-gapped backups and regularly practice recovery procedures to ensure business continuity after security incidents.
  7. Security testing should match organizational maturity - Different testing approaches (vulnerability assessments, penetration tests, red team exercises) serve different purposes based on an organization's security maturity and specific objectives.



About the speaker, Alethe Denis

Senior Security Consultant

Alethe Denis is a Senior Security Consultant at Bishop Fox. She is best known for social engineering, open-source intelligence (OSINT), and performing security assessments and trainings for both the private and public sectors, with an emphasis on critical infrastructure organizations. Alethe was awarded a DEF CON Black Badge at DEF CON 27 for winning the 10th annual Social Engineering Capture the Flag (SECTF) contest. Using both OSINT and social engineering skills, she compromised her target Fortune 500 company using just a telephone. She, along with her teammates, received a bronze, silver, most valuable OSINT, and black badge award from a series of TraceLabs capture-the-flag contests, including first place in

She’s a frequent conference speaker and podcast guest, including speaking at DerbyCon, BsidesSF and ConINT, as well as an appearance on the TraceLabs, Layer 8 Conference, and Darknet Diaries podcasts.

Alethe is always focused on giving back to the information and cybersecurity community, including her work conducting free Security Awareness Trainings and hosting workshops for people who want to get into the cybersecurity industry.


About the speaker, Ben Lincoln

Managing Principal

Ben Lincoln is a Managing Principal at Bishop Fox and focuses on application security. He has extensive experience in network penetration testing, red team activities, white-/black-box web/native application penetration testing, and exploit development. Prior to joining Bishop Fox, Ben was a security consultant with NCC Group, a global information assurance consulting organization. He also previously worked at a major retail corporation as a senior security engineer and a senior systems engineer. Ben has delivered presentations at major security conferences, including "A Black Path Toward the Sun" at Black Hat USA 2016. Ben is OSCP-certified and has released several open-source exploit tools.


About the speaker, Rob Ragan

Principal Technology Strategist

Rob Ragan is a Principal Researcher at Bishop Fox. Rob focuses on pragmatic solutions for clients and technology. He oversees strategy for continuous security automation. Rob has presented at Black Hat, DEF CON, and RSA. He is also a contributing author to Hacking Exposed Web Applications 3rd Edition. His writing has appeared in Dark Reading and he has been quoted in publications such as Wired.

Rob has more than a decade of security experience and once worked as a Software Engineer at Hewlett-Packard's Application Security Center. Rob was also with SPI Dynamics where he was a software engineer on the dynamic analysis engine for WebInspect and the static analysis engine for DevInspect.


About the speaker, Derek Rush

Managing Senior Consultant

Derek Rush, a Managing Senior Consultant, specializes in application and network penetration testing, both static and dynamic. He has performed dynamic testing for a range of high-profile clients in the healthcare, government, and logistics sectors.

His expertise is backed by a list of impressive certifications, including Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), Practical Web Application Penetration Testing (PWAPT), eLearnSecurity Web Application Penetration Tester (eWPT), and eLearnSecurity Certified Professional Penetration Tester (eCPPT).
